Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/PxRpJRmAIe6XLNK6E_X7fepUn98.roa
File: PxRpJRmAIe6XLNK6E_X7fepUn98.roa (raw, json)
Hash identifier: d4Fat6q5MlerEA8RLEfNovR3RwYyyqb/z+KYZskZwRo=
Subject key identifier: 3F:14:69:25:19:80:21:EE:97:2C:D2:BA:13:F5:FB:7D:EA:54:9F:DF
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAADA85A2C3FA2A9AB23BE7A423113
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/PxRpJRmAIe6XLNK6E_X7fepUn98.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208356
IP address blocks: 188.72.88.0/24 maxlen: 24
188.72.90.0/24 maxlen: 24
188.72.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 18:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ad:a8:5a:2c:3f:a2:a9:ab:23:be:7a:42:31:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f146925198021ee972cd2ba13f5fb7dea549fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:48:1c:83:fe:79:d8:a2:28:7e:4d:93:a9:01:
ec:00:fb:d4:af:19:5e:a4:f2:8b:48:26:f4:c9:b3:
69:78:d7:45:37:4e:94:67:56:b8:e6:73:f2:22:a8:
04:08:59:4b:ac:98:8b:1f:4e:12:6e:3e:a6:44:c9:
de:0f:50:f6:43:1c:fd:32:c7:87:44:e3:4d:57:e7:
e7:c0:21:51:d1:87:fb:db:d0:4d:7a:3e:99:3f:66:
8b:0f:a5:68:ac:9f:e3:1a:3c:4a:b8:1a:7a:cc:07:
19:18:54:6d:11:88:a1:41:20:8f:28:b6:2b:f2:42:
38:8c:1b:ac:7d:5f:1c:b0:35:17:04:30:10:e2:f1:
c9:e1:ea:42:45:4e:93:a6:d8:3b:4d:b8:0d:3e:c6:
be:b4:38:59:15:e3:52:33:5b:67:e0:a9:52:38:c4:
42:f1:99:e7:d4:b4:e3:86:9f:49:4c:e0:b8:d9:6a:
db:55:9e:3b:d3:eb:30:81:72:b1:29:6c:02:20:30:
cd:ad:3d:33:bc:19:e3:5b:bc:49:fb:d6:53:19:36:
bf:8b:4c:08:96:66:ae:aa:86:22:7e:7b:fb:06:d7:
27:43:08:14:31:b7:8b:1e:9d:bd:2f:b4:de:fe:e4:
ac:70:37:02:4f:64:2a:58:69:61:ed:04:3e:da:6c:
a5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:14:69:25:19:80:21:EE:97:2C:D2:BA:13:F5:FB:7D:EA:54:9F:DF
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/PxRpJRmAIe6XLNK6E_X7fepUn98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.88.0/24
188.72.90.0/23
Signature Algorithm: sha256WithRSAEncryption
24:41:ca:35:4a:3f:a2:c2:99:18:b5:b4:1c:7f:4b:e1:1a:b0:
26:2d:a0:85:01:b0:07:e2:68:23:83:2a:18:b2:e7:cf:da:6a:
8c:39:37:52:91:d3:9d:0c:72:38:53:0d:3a:f2:24:76:65:a3:
2e:03:98:27:93:47:a9:6d:53:76:9b:b3:04:14:92:b7:4f:c6:
b0:e7:31:ee:5f:f3:e3:00:ee:51:53:8b:9c:69:16:d3:9f:b0:
ff:58:91:9f:90:db:34:3c:f0:5e:f9:68:fd:84:fe:27:95:92:
e5:14:02:c0:ea:da:6c:2a:93:72:19:9d:3e:f2:31:fb:89:8d:
eb:6e:64:38:a0:6d:0b:c5:e0:6f:61:8a:49:36:1b:20:41:07:
48:92:1f:79:ed:68:61:65:22:78:d0:14:29:e6:39:ce:24:47:
9e:2e:b0:d4:ba:df:46:93:2c:33:42:25:27:af:5b:49:4d:30:
6e:5e:40:9b:a3:2b:70:6b:50:ff:0a:77:d4:a3:46:8d:3e:21:
fb:74:85:60:0a:4b:b7:97:ff:2e:de:ca:85:e7:fc:71:f0:e6:
2c:27:eb:91:59:79:37:87:ec:3f:53:85:ea:6e:9e:46:15:cf:
44:38:60:02:a9:3d:46:36:c1:8e:d8:be:b6:59:4d:81:f1:8a:
ba:4b:4d:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+q2oWiw/oqmrI756QjETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE0NjkyNTE5ODAyMWVlOTcyY2QyYmExM2Y1ZmI3ZGVhNTQ5ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUgcg/552KIofk2TqQHsAPvUrxle
pPKLSCb0ybNpeNdFN06UZ1a45nPyIqgECFlLrJiLH04Sbj6mRMneD1D2Qxz9MseH
RONNV+fnwCFR0Yf729BNej6ZP2aLD6VorJ/jGjxKuBp6zAcZGFRtEYihQSCPKLYr
8kI4jBusfV8csDUXBDAQ4vHJ4epCRU6Tptg7TbgNPsa+tDhZFeNSM1tn4KlSOMRC
8Znn1LTjhp9JTOC42WrbVZ470+swgXKxKWwCIDDNrT0zvBnjW7xJ+9ZTGTa/i0wI
lmauqoYifnv7BtcnQwgUMbeLHp29L7Te/uSscDcCT2QqWGlh7QQ+2mylGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8UaSUZgCHulyzSuhP1+33qVJ/fMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvUHhScEpSbUFJZTZYTE5LNkVfWDdmZXBVbjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEhYAwQB
vEhaMA0GCSqGSIb3DQEBCwUAA4IBAQAkQco1Sj+iwpkYtbQcf0vhGrAmLaCFAbAH
4mgjgyoYsufP2mqMOTdSkdOdDHI4Uw068iR2ZaMuA5gnk0epbVN2m7MEFJK3T8aw
5zHuX/PjAO5RU4ucaRbTn7D/WJGfkNs0PPBe+Wj9hP4nlZLlFALA6tpsKpNyGZ0+
8jH7iY3rbmQ4oG0LxeBvYYpJNhsgQQdIkh957WhhZSJ40BQp5jnOJEeeLrDUut9G
kywzQiUnr1tJTTBuXkCboytwa1D/CnfUo0aNPiH7dIVgCku3l/8u3sqF5/xx8OYs
J+uRWXk3h+w/U4Xqbp5GFc9EOGACqT1GNsGO2L62WU2B8Yq6S02o
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:10:35 2025 by rpki-client